Ubuntu's configuration of gnome-control-center allowed Remote Desktop Sharing to be enabled by default.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Tue, 26 Aug 2025 18:00:00 +0000

Type Values Removed Values Added
First Time appeared Canonical
Canonical ubuntu Linux
Gnome
Gnome gnome-remote-desktop
Weaknesses NVD-CWE-noinfo
CPEs cpe:2.3:a:gnome:gnome-remote-desktop:42.1.1-1:*:*:*:*:*:*:*
cpe:2.3:a:gnome:gnome-remote-desktop:42.1.1-2:*:*:*:*:*:*:*
cpe:2.3:a:gnome:gnome-remote-desktop:42.1.1:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:22.04:*:*:*:lts:*:*:*
Vendors & Products Canonical
Canonical ubuntu Linux
Gnome
Gnome gnome-remote-desktop

Fri, 07 Feb 2025 17:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Fri, 07 Feb 2025 16:45:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 4.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N'}

cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}


Fri, 31 Jan 2025 02:15:00 +0000

Type Values Removed Values Added
Description A vulnerability was found in Gnome Control Center. When turning off RDP Remote Desktop Sharing with gnome-control-center, it would only turn off RDP sharing for the current session. RDP Sharing was enabled again without any additional user interaction or notification upon logging back in. Ubuntu's configuration of gnome-control-center allowed Remote Desktop Sharing to be enabled by default.
References

cve-icon MITRE

Status: PUBLISHED

Assigner: canonical

Published:

Updated: 2025-02-07T16:07:47.540Z

Reserved: 2022-05-16T19:14:42.013Z

Link: CVE-2022-1736

cve-icon Vulnrichment

Updated: 2025-02-07T16:05:36.750Z

cve-icon NVD

Status : Analyzed

Published: 2025-01-31T02:15:28.440

Modified: 2025-08-26T17:49:07.083

Link: CVE-2022-1736

cve-icon Redhat

Severity : Low

Publid Date: 2022-05-19T00:00:00Z

Links: CVE-2022-1736 - Bugzilla

cve-icon OpenCVE Enrichment

No data.